I am trying to compute a PHP function to have the 3DES (Triple DES) in ECB Mode. But I am getting the wrong result.
My result : 615EDC0E8EAD5DDE
Expected result : 7B66D9A5010A8035
(the expected result is computed with HSM and confirmed with the website) http://tripledes.online-domain-tools.com/
Here is my PHP function, taking as parameters :
$data = "3200000025381234"
$key = "98137332E06BBA25AEE51CFD150EA8E3"
function tripleDES($data, $key) {
$key= hex2bin($key);
$data = hex2bin($data);
$enc = openssl_encrypt($data, 'des-ede3', $key, OPENSSL_RAW_DATA |
OPENSSL_ZERO_PADDING);
return strtoupper(bin2hex($enc));
}
What am I doing wrong ?
Thanks to the answer of Topaco, I understood my mistake.
So I used this github project: https://github.com/gilfether/phpcrypt and corrected my code this way (using my 16-bytes key):
function triple_DES($data, $key){
$key = hex2bin($key);
$data = hex2bin($data);
$crypt = new PHP_Crypt($key, PHP_Crypt::CIPHER_3DES, PHP_Crypt::MODE_ECB);
$encrypt = $crypt->encrypt($data);
return strtoupper(bin2hex($encrypt));
}
Related
I am using this function to encrypt a string :
function encrypt_decrypt($action, $string)
{
$output = false;
$encrypt_method = 'AES-256-ECB';
$secret_key = 'gT4ThOvcaFDccFFV21mg5hPzglZsY73T';
$key = hash('sha256', $secret_key);
if ( $action == 'encrypt' )
{
$output = openssl_encrypt($string, $encrypt_method, $key, 0);
$output = base64_encode($output);
}
else if( $action == 'decrypt' )
{
$output = openssl_decrypt(base64_decode($string), $encrypt_method, $key, 0);
}
return $output;
}
I am using this function in 2 php files (same function no changes at all )
the only difference between the 2 files is :
File1.php is getting the string in HTTP GET request:
$Email = htmlspecialchars($_GET["Email"]);
$ENC_Email = encrypt_decrypt("encrypt",$Email);
echo($ENC_Email);
and File2.php is getting the very same string from cookies:
$Email = $_COOKIE['Email'];
$enc = encrypt_decrypt("encrypt",$Email);
echo($enc);
echo of the variable $Email is same in both cases , but the resulting encrypted string is different.
What am I missing here ?
It's normal. You encrypt a string, it's not the samething as hashing a string. A hash will give you always the same result. But encryption use random salt, randomIV and differents other random parameters. Then the result is always different.
But, when you decrypt, you must get the string you have encrypted before.
I can't get Libsodium to decrypt a response I'm receiving from a webhook but openssl_decrypt does. I'm not getting an error but I keep getting a blank result which mean I must be doing something wrong.
The reason I want to use Libsodium over OpenSSL is that it's more reliable. In high traffic scenarios, openssl_decrypt becomes quite unreliable.
Here's my code:
public function webhook(Request $request) {
$psp = new Psp();
$transaction_state = new \stdClass();
$transaction_state->state = 'Live';
$key_from_configuration = 'B46FAC78301751BCB489AC6D878877CA9AD8A71278DA777DD91B1AAB82135817';
$iv_from_http_header = $request->header('x-initialization-vector');
$auth_tag_from_http_header = $request->header('x-authentication-tag');
$http_body = file_get_contents('php://input');
$key = hex2bin($key_from_configuration);
$iv = hex2bin($iv_from_http_header);
$auth_tag = hex2bin($auth_tag_from_http_header);
$cipher_text = hex2bin($http_body.$auth_tag_from_http_header);
// This works when $cipher_text = hex2bin($http_body)
$result = openssl_decrypt($cipher_text, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $auth_tag);
// This does not work. According to the webhook docs, $cipher_text has to equal hex2bin($http_body.$auth_tag_from_http_header);
$result = sodium_crypto_aead_aes256gcm_decrypt($cipher_text, NULL, $iv, $key);
Storage::put('json.txt', $result);
}
The docs for the webhook aren't that great and the example they have is pre PHP v7.1. Here's their example code...
<?php
/* Php 7.1 or later */
$key_from_configuration = "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f";
$iv_from_http_header = "000000000000000000000000";
$auth_tag_from_http_header = "CE573FB7A41AB78E743180DC83FF09BD";
$http_body = "0A3471C72D9BE49A8520F79C66BBD9A12FF9";
$key = hex2bin($key_from_configuration);
$iv = hex2bin($iv_from_http_header);
$auth_tag = hex2bin($auth_tag_from_http_header);
$cipher_text = hex2bin($http_body);
$result = openssl_decrypt($cipher_text, "aes-256-gcm", $key, OPENSSL_RAW_DATA, $iv, $auth_tag);
print($result);
/* Php prior to 7.1 */
/* Please refer Using Libsodium in PHP Projects */
$key_from_configuration = "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f";
$iv_from_http_header = "000000000000000000000000";
$auth_tag_from_http_header = "CE573FB7A41AB78E743180DC83FF09BD";
$http_body = "0A3471C72D9BE49A8520F79C66BBD9A12FF9";
$key = hex2bin($key_from_configuration);
$iv = hex2bin($iv_from_http_header);
$cipher_text = hex2bin($http_body . $auth_tag_from_http_header);
$result = \Sodium\crypto_aead_aes256gcm_decrypt($cipher_text, NULL, $iv, $key);
print($result);
?>
Edit: Real world responses
Key: 282F8C1F40FD0BF4E9C130CB5E3CE6624B78E3AEB89FF4E4DFBF5F4360B1488B
IV: D71C4DE2ACEF0EEB40AEAA25
Auth Tag: CE27C16EA5A3D772DBB10A42C5DF99C9
Ciper: DA113CEBD4C6959DAA26B3A4FF4F66B8D403FF6042900F725567FF426A77E7EB46927B574D334A1655C6F631F8096D9E3D889D859E372147017A052F1FC714AA9512E2EAAF1C5375AA0902982215FC6D2F29B112A877EF42D8D70353B0A24D651EE8CA2B224B9310A761EF767C810F1217CF31446C4DD6EA0864ED8F5E99BE6C573FE435333FBDB28A124C66EC44F5B44C0F4FD5D73444B85E1EB20B4F72B4A92D4723928F412231D4AD92381599268AF736D8849B4B3204408D4BD0BA4A386931D31B2A00983FA5BE8054126F34C9FFA1D898203BAB35EE586A5136469B9DBDA391594948F0E5CB066F9F9D69B1D4D6009A93227D172D43D9FCC936B1BD05F2D568B361CAF445FBA7FDFDF651AFD3AADA107C3D6D8A26284D003D29CAD4E111BE6ABBE3AF74AB1F19AAFF3CD7C8CE1F5270CCC9E849AC6D9C4030233EF33EAC8925F7E533395D4B8AF33EA2EB8E22FD138AACE48E9B8A4C7276A7474CA3BED7297E1BBCD2518229143198D9AF0BF987C0E53E4FC4E41149AEA8A1E59559B4ACEC481C67B4F962368A794C687EEBCE0A110CDF2C8FBE53AB3E9E4A8F04FACC783B9974236436828729EB95249B98CDB498CF2A81BBDEF712BD517A44654864B4E083BC8B9ECE153F87E107D55ED279C61313D6E8E8F1C5757E5CC330EEB8F165FACEFC616862FB7644BF0FE5A640DE9A5FD48408CD7EDB697BDD77DD09DE98EEEC7594D8B4B7BED07828B7F1AFB357E160B3844414BA8764BA06B8318ED82943FB3D270F9DAA415E3A35B1A2E1D2523177831BE2FE793416707C88E4A9CAC2FD787541B40CBB08BED5702A6229DAD4C81855AE014B1AFD42B84AFD13065DC2508B5B8C1345CDF787188F6ADA880ED6CBA5002B4241DE8E27BE368CF1D7D17AAE83926A5BD1EF4815A764FD39A8C7326FCA2D87A1C102CCB51F1504310AD7BEFC6DF1B5A7707196E504D6170E520198EBBB6F1026433F99A4A0AD593064E602E83C16F25D7484AE9EE00C4EBA51F23104DC2B071B88D71763B38CD5E0446E25D8D633408F28315C9B250CF5ACCAA83DE6EE793A0FFDB2DB13A66572A170A7DB70E5BA3B62A4241C5E162FBCD2DAC2072D853A45CDB67883CA61EB11552AB8E8CE0DAC7B30656B808631AED23FB6FE3C8DA738ADB4B18B5F450CD62182A86CAB520C22A53155B9644C6967F657F78A89A11E98475FD4E691B90FC49DE5CF499780491FE001EE22972FDEB14A18C5A28B97F67976E0B662CF80B0A7693272C175A1CEE65AB4C72A5F8BB125D79AE7C1E654A63AECB4AC559368DF5859FACC6982A28569FB1FD1799B6430FB7351D3CF2BB69A1C2BFE72FEB731699D0D48449B15E95A6EAD7E4AD99EF72820E942D806BF52F9FC18E3D523C1F0F0236611ABD3F46B74734E52B7CE9EBAF240C11454E21E10AFED954C5DB61EF9063935E237AB774934FE1C1E1BC6ACBC5BDE49C792B86635EAC9820680DD44B6F13C0A79CD3249825998C85142C5E3BC681FAE0B9648975446F9836A13E9BFC969D870B2166C62CB25A6802563C6228F284343967F61EEF958EC2CEA5BC7E7905D1A516376B6D66A6DD583F1ED0352DC3BAC491645969F67ED3FFDE9C59F858A334A545F46F710B07728C7658C2E5D8B853DF91DA9B4902C3754D14ABF38CEBFF6B0B495C8B84FE256D3237733CA0D4AD61F09CE2736EC3E710C64372C94030B520B843384B4CB255BF3B76803DB754530A5B63BD20F5B786BFDED980015F9EE7F13376DECDD4FB5DF57459A8E5CAE76AF2F1A21A0C596A8246A1934FCFF5BC087D0EB4A07E7F4E0BF8E79214453110B123DB94D84A76C40199C3CFFE0D9087A59C795ADAAE49315F9AEAF48E79D30313D74B9CDDADD572857491E56EB08B020A0F68186FF28008A7E42FE9815DEE15D785AB094E0CEC12548406616D8FF08C2DDF19712929348ABFB8C1B56A23C29FAB9C4AD7F608ADA5BBC13B97E34C36B3E0E15A5D0D1E932BC7AFB239AB608ED8E60C539EEE06399FC7956E3C2DFA760627F9E98E3AE83B4C399E589410A72F05B1D90C9F839B477AE91C29D3E3925341DD3AD201176C7B22D58387C3E2DD7C920D1C900E254AE351C19EA6EE7350E2B4B1E287A8A35C3D0644F7DA83B252ADA4884473728418D6942AD60209A0899DA0B9246F9D937CAD009F1C82C1D15C31B1BEFE49CBC4273CF7882EB56B6D886969399733E1078A5376509DBAB8714EC44FF1307A380FE39CD58011AA6076CCB3FFA732429DFE5B48DBADB3CAF70D3B9A376C01CC38C3408C448BAC232555666157EB7FD0F2210C6E2586D80814E0E2AA9DDAD42C0EC0E4362726ACCF747987D7EC876030C352D10BBF16D845006AABB27CE4BDDDA28BEF4CB1932AD1CB2C839B8B41C692C4ECB666073D6C1AF8F1E7889FCA3BD53DA33E055413EE00E74C2131377DC980B2B66CC38C15A4BC21A4FE1E7093C7DF11DF534EE3FE702211FA02941E2F4FE8D68DBFD616A3978574C67302E5E1B05377DBCA080DEFCE218CEFC3DA5CEEC703D040BE2FCE2DE6CEB6B73845C65B627A5FAD0CF519016B80E1B9B2A41CE976DF75CD554FF356599469EBA4C06FFE4AD5CA56226CE3475FC02EAC07B7BDD4384CB02B5FA28DB094041B0DBD708681841E97F70A910CFA3267E0AA3608E0CD33E65A6F4F2C31AD48D74C64C4E51E8A327882439894A49EC4FBE2175076255D0053B7E4C2DD938937CC3820F44306EC087D3A38DE7D994D7265B491058036206D3A7C2654E9DA569E54DAE951E339C6A8F8BA1F1F179A83025EF8C207182DD7344399463B99B3991504447E353D02AF3359769CA10D6D0AB1870FB9D9BD9EA9F73A4A0A60008BF5150F0A1EEB7A7A2AB888EE8709C767CEC7F0FD2FF8A140B92E26615EECDC58EFD9DFE4EEB49EC9494D75A01A629554EBD2EBF183C12679CD3CEE09BB02ED7D4DC2D623AB3C965D2F6034D266A311CBFB8C8D4A1526A039E592944C6227AC276ED78D2259AC5F2B07D7C6FC02D29540D01136F91693005ACFD5DBAD06FF7E88434D73B3D1FB59D16E4B0EC5020D07567CF962F8437BDF365E601EC76CFD405D3A6FD4E3EE0A5044AA294AFAEAA26449E4C5BDD5A3610BF6F94DFBD4C415D
Key: 282F8C1F40FD0BF4E9C130CB5E3CE6624B78E3AEB89FF4E4DFBF5F4360B1488B
IV: 8C7A8CA57FA6EC8B78EFB4AE
Auth Tag: E2A22DA77F0C508403816A802AE00CEF
Ciper: 179DB919FBD81E8B3436724479F81CE83B4E6CBE41BCF585FD56C89C9B292BD7B140AE2582B456ED3990FDF2C2D02D3E46028185AF0271C54E089807D6C95B05F6D824BF8BF4DAA4B9423BD5688F19DDC3D592F67908C7F9DE03112422318A1C8E83247ACF7FA6D36C96995D1FE6C95696857C5E1F1F4B13D508ADD58DC3C14C000C7E23AFC677D10901CD19A0DCCBC19C87F80660E1C986DE0A258578B5105B9952FB2A59015BE7D6DC84095529A21E67EEE8DA29E8C7920862C5F729616C2EF4F7949E9E6529E29C49D26054B3234DA7501C18E7818CF8AA5CA1335A02438F0090BE9D22B1C5576535E9B2DF58765EDD0FBA629A86B8B9E0D2074EA5A0D5F2275CCF9EDAABF77C2E1CE1B74FCAC4F70991CB32F4309DBD59157D199F65B6FA84410C305F4DBD21288BD23A3A0A925F24F387C4F7B1527D5D9CDEE2B52090614D779DD0C4ED64ADDB395BAA5468B35889A0881D217F430681EE749DE0ABF8FCFA203CACB636A8A193EA716D503F8E60AE510A47A91B9A246528A89B665F18321F29AA3B3F0CA1952890ED562351EB3B20F71169872C44DDE54B71B79526A392EDF5941F88B8878525F002E1CCCC18E002C4EE779942931BD0AE4192497532F48939F3F4531EF2DDBD0893C79D060010D3C4943F71515D0BCDDE9AA497ACF8453325EC831F2269E16830BEF96D2B791F7570AF0313D7C35B8B1D69F7E1A127E110101A32B1B5669F51A07957A0968C7DE3A7294EED68B0EB661AFBB2384173D404708414731C4AC08C47FF128FAAA0E89C33B8BE9082B97C7A205989915489FC186D6931CE5A48A3E666D23A4BB0C37A07456037BD2EB9924FA714D149933B828BF1F74A7A6EA22979FAF7CE6F03247ED931656EFCDB891A2C7D781759FA9176D34E1244B9133297D42E8E3E3BAA066B218D5431C9CEA593ABD79E821A75634D13E0EAA50A626695AD6BC8DCA94812D4A44B90584803D6822F7BAB3C806454F7A88D1ADCE4D31F28914EEADD0E05F82BCB5E75503EF79E05ED3B0550B5D57A632226E9312232C6D1BE4B42D9
Key: 282F8C1F40FD0BF4E9C130CB5E3CE6624B78E3AEB89FF4E4DFBF5F4360B1488B
IV: 34227A5F7EF770D06AFF5802
Auth Tag: 0378EEE7AD576220256882D6084A4EAA
Ciper: 3B28A15C7103AB068A191618863C267E65A07AB9882BE0EF20CF32C137509D30E8066E26C7C2CE2C3F4DE2FB86E3A5409A90D2E772790434A789274ACCA93960CB65BF93066FC7D53CF7C74E8DEFE43A9DFB918F3F7109BF17F01C7378D44F24B78B15B8905DB06525A00135037B5B52E4F899D10111F3A2EBCA49A17C5272F98F97971051DCE89EBAF8412A585FE38B53DF4DEA2A9944CDAD2834F079A49F4247507253FD6AD769AB53F5C2B809B71C303D02E4321FD7A28F918FB4C0CF7963C2437D14A3273DDAB98231B15634D9E143D623B850FB8B8803717B4FDC647063C939DF677F6E90308F3824448179326C2C5AA1A2406B13F048BF908502D613DC1F2043D1A9AF13571287C8F4B98B5CE31E54D8E7BB0D963E451A5C0B9C2226B95967FCCA5AD754788C9F75080D458785B77AA6647A12F49FD07D7C3EFA79C6145E61AD101F3427920288891E6BFD05289D98CE030D5CCCDC55016A231B60E118127AFA49B9DB1FFD413DEFCEE72CD1361580F969811EA5AA31E4F5C095C5D12038D1BADDF1A6605B05EE4BF4009929E44F24017DD64D59B75381458BAC548BBDFC2F2AEF7CAE79A8EE0524747B69DD8C257521ED43CE4F9EBCCF2ADF7F708B53764177B49FFD8D8311F47A015A77FF2B2913F781C86C2E5D5ACBE866E18F6E859A118980DACAF3880722F95B75584B0B5171B8BC42309FD58C09F459818E33E49064D9436A6BD4F2F0E13EBBB2465C407711E6C9F2B47FE958B867A5AE433D7BBB164EBD847675480A1275093A1339C921EF527519B41550FF34B7BBB1EBD2DC4A1EC1A5DD3067D0BFC27AB5B527DC7BD388A66C1EBF4CAE403976834174E4681B66DFF867FAB023EC88567A60D8235ED8A0F55EEFF48602E9826C762E47B4441B18C378B529FFF002AEE98497974EA916699FD511C3D0FBE1FB4A6FA2721F3B614F9DFF2592CEF21CB25CE8057326AE6ECE484367B5EDBEF91424FD599F731B316626C51728A045FC2C7F1D01
Your simplified example, using both OpenSSL and Libsodium, producing the same output:
$key = hex2bin("000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f");
$nonce = hex2bin("000000000000000000000000");
$tag = hex2bin("CE573FB7A41AB78E743180DC83FF09BD");
$ciphertext = hex2bin("0A3471C72D9BE49A8520F79C66BBD9A12FF9");
$msg = openssl_decrypt($ciphertext, "aes-256-gcm", $key, OPENSSL_RAW_DATA, $nonce, $tag);
assert($msg === '{"type":"PAYMENT"}');
$msg = sodium_crypto_aead_aes256gcm_decrypt($ciphertext . $tag, NULL, $nonce, $key);
assert($msg === '{"type":"PAYMENT"}');
Update: with your real-world data:
$key = hex2bin("282F8C1F40FD0BF4E9C130CB5E3CE6624B78E3AEB89FF4E4DFBF5F4360B1488B");
$nonce = hex2bin("34227A5F7EF770D06AFF5802");
$tag = hex2bin("0378EEE7AD576220256882D6084A4EAA");
$ciphertext = hex2bin("3B28A15C7103AB068A191618863C267E65A07AB9882BE0EF20CF32C137509D30E8066E26C7C2CE2C3F4DE2FB86E3A5409A90D2E772790434A789274ACCA93960CB65BF93066FC7D53CF7C74E8DEFE43A9DFB918F3F7109BF17F01C7378D44F24B78B15B8905DB06525A00135037B5B52E4F899D10111F3A2EBCA49A17C5272F98F97971051DCE89EBAF8412A585FE38B53DF4DEA2A9944CDAD2834F079A49F4247507253FD6AD769AB53F5C2B809B71C303D02E4321FD7A28F918FB4C0CF7963C2437D14A3273DDAB98231B15634D9E143D623B850FB8B8803717B4FDC647063C939DF677F6E90308F3824448179326C2C5AA1A2406B13F048BF908502D613DC1F2043D1A9AF13571287C8F4B98B5CE31E54D8E7BB0D963E451A5C0B9C2226B95967FCCA5AD754788C9F75080D458785B77AA6647A12F49FD07D7C3EFA79C6145E61AD101F3427920288891E6BFD05289D98CE030D5CCCDC55016A231B60E118127AFA49B9DB1FFD413DEFCEE72CD1361580F969811EA5AA31E4F5C095C5D12038D1BADDF1A6605B05EE4BF4009929E44F24017DD64D59B75381458BAC548BBDFC2F2AEF7CAE79A8EE0524747B69DD8C257521ED43CE4F9EBCCF2ADF7F708B53764177B49FFD8D8311F47A015A77FF2B2913F781C86C2E5D5ACBE866E18F6E859A118980DACAF3880722F95B75584B0B5171B8BC42309FD58C09F459818E33E49064D9436A6BD4F2F0E13EBBB2465C407711E6C9F2B47FE958B867A5AE433D7BBB164EBD847675480A1275093A1339C921EF527519B41550FF34B7BBB1EBD2DC4A1EC1A5DD3067D0BFC27AB5B527DC7BD388A66C1EBF4CAE403976834174E4681B66DFF867FAB023EC88567A60D8235ED8A0F55EEFF48602E9826C762E47B4441B18C378B529FFF002AEE98497974EA916699FD511C3D0FBE1FB4A6FA2721F3B614F9DFF2592CEF21CB25CE8057326AE6ECE484367B5EDBEF91424FD599F731B316626C51728A045FC2C7F1D01");
$msg = sodium_crypto_aead_aes256gcm_decrypt($ciphertext . $tag, NULL, $nonce, $key);
var_dump($msg);
As a side note, you should use sodium_hex2bin() instead of hex2bin() when decoding sensitive data, and if you are using the PECL libsodium extension, sodium_crypto_aead_aes256gcm_decrypt_detached() lets you provide the ciphertext and the tag as distinct parameters instead of having to concatenate them.
I try to implement Crypt::encrypt function in php and this code is here:
$key = "ygXa6pBJOWSAClY/J6SSVTjvJpMIiPAENiTMjBrcOGw=";
$iv = random_bytes(16);
$value = \openssl_encrypt(serialize('123456'), 'AES-256-CBC', $key, 0, $iv);
bIv = base64_encode($iv);
$mac = hash_hmac('sha256', $bIv.$value, $key);
$c = ['iv'=>$bIv,'value'=>$value,'mac'=>$mac];
$json = json_encode($c);
$b = base64_encode($json);
But result is wrong.
I am thinking i should do something on $key before set in openssl_encrypt function.
Please help.
Thank you.
SOLVED:
We can implement this method like this:
$text = '123456';
$key = "ygXa6pBJOWSAClY/CFEdOTjvJpMIiPAMQiTMjBrcOGw=";
$key = (string)base64_decode($key);
$iv = random_bytes(16);
$value = \openssl_encrypt(serialize($text), 'AES-256-CBC', $key, 0, $iv);
$bIv = base64_encode($iv);
$mac = hash_hmac('sha256', $bIv.$value, $key);
$c_arr = ['iv'=>$bIv,'value'=>$value,'mac'=>$mac];
$json = json_encode($c_arr);
$crypted = base64_encode($json);
echo $crypted;
This work tor me.
enjoy :)
Be Successful
Here is the implementation, directly from the official source code.
public function encrypt($value)
{
$iv = random_bytes(16);
$value = \openssl_encrypt(serialize($value), $this->cipher, $this->key, 0, $iv);
if ($value === false) {
throw new EncryptException('Could not encrypt the data.');
}
// Once we have the encrypted value we will go ahead base64_encode the input
// vector and create the MAC for the encrypted value so we can verify its
// authenticity. Then, we'll JSON encode the data in a "payload" array.
$mac = $this->hash($iv = base64_encode($iv), $value);
$json = json_encode(compact('iv', 'value', 'mac'));
if (! is_string($json)) {
throw new EncryptException('Could not encrypt the data.');
}
return base64_encode($json);
}
$iv should be the same as in the source
$this->key is the encryption key you set in your .env file, encoded in b64
$this->cipher should be the one you configured in your laravel configurations and compatible to your key-length.
In your example, you have set your $key to the value after the "base64:"-string, which is not the key. You need to encode the key with base64 before passing it.
So the the $key to the base64 encode of ygXa6pBJOWSAClY/J6SSVTjvJpMIiPAENiTMjBrcOGw=, which is eWdYYTZwQkpPV1NBQ2xZL0o2U1NWVGp2SnBNSWlQQUVOaVRNakJyY09Hdz0K
I want to decrypt a string when submitting form after entering an input string to be decrypted :
static function decrypt($data) {
$key = 'AVtr34EN';
$td = mcrypt_module_open(MCRYPT_DES,"",MCRYPT_MODE_ECB,"");
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
mcrypt_generic_init($td,$key,$iv);
$data = mdecrypt_generic($td, base64_decode($data));
mcrypt_generic_deinit($td);
if (substr($data,0,1) != '!')
return false;
$data = substr($data,1,strlen($data)-1);
return unserialize($data);
}
When I call this function provided with an argument value of :
zeL1smxhfIEMWCews6vb1Y8yFa5tHbB3b489X0R3QtA=
then I get nothing !
I made a test if ( utils::decrypt($data_) === false ) but the program does not enter in the block of the if !
So how to treat this case ?
You give the string zeL1smxhfIEMWCews6vb1Y8yFa5tHbB3b489X0R3QtA= and using this andsandboxing the PHP it works exactly as expected:
static function decrypt($data) {
$key = 'AVtr34EN';
$td = mcrypt_module_open(MCRYPT_DES,"",MCRYPT_MODE_ECB,"");
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
mcrypt_generic_init($td,$key,$iv);
$data = mdecrypt_generic($td, base64_decode($data));
mcrypt_generic_deinit($td);
//$data = "!s:20:"2�Y:H���6|1|2|1|2|4";���"
if (substr($data,0,1) != '!')
return false;
// If will never be reached in this case,
// as data first character does equal "!"
$data = substr($data,1,strlen($data)-1);
return unserialize($data); //"2�Y:H���6|1|2|1|2|4"
}
Please clarify your question. changing the inpt string to "FDHFDHeh" (or whatever) correctly returns false showing the IF statement is fired.
NOTE:
You are using an input $data variable but then also generating a new $data variable in the function, this is bad practise to have two different things with the same name, and judging by comments this is causing me, if not you, confusion.
Also you can simplify the substr as simply $data = substr($data,1); as because you're starting at character 1, the string length with be strlen($data)-1.
Recommended you rewrite:
static function decrypt($data) {
$key = 'AVtr34EN';
$td = mcrypt_module_open(MCRYPT_DES,"",MCRYPT_MODE_ECB,"");
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
mcrypt_generic_init($td,$key,$iv);
$decryptData = mdecrypt_generic($td, base64_decode($data));
mcrypt_generic_deinit($td);
if (substr($decryptData,0,1) !== '!'){
//re: comments below:
//using !== makes it a strict type comparison
return false;
}
$outputData = substr($decryptData,1);
return unserialize($data);
}
It may also be worthwhile using the mb_string functions.
You can also rewrite the string comparison using arrays (as a string is an array of letters) so, replace if(substr(...)) with:
if ($decryptData[0] !== '!')
return false;
Which means "IF the first character of variable $decryptData is not "!" then return false.
I have no idea what I'm doing wrong. I just need to be able to encrypt and decrypt without getting weird characters or warnings. It says I'm supposed to be using an IV of length 16 and that I'm using a length of 9 but "0123456789abcdef" is 16 characters.
Warning: mcrypt_generic_init() [function.mcrypt-generic-init]: Iv size incorrect; supplied length: 9, needed: 16 in /home/mcondiff/public_html/projects/enc/enc.php on line 10
See http://www.teamconcept.org/projects/enc/enc.php
I'm lost, confused, a little lightheaded. Here do I go from here? I have to use this encryption and get it working for a project.
<?php
class enc
{
function encrypt($str, $key) {
$key = $this->hex2bin($key);
$td = mcrypt_module_open("rijndael-128", "", "cbc", "fedcba9876543210");
mcrypt_generic_init($td, $key, CIPHER_IV);
$encrypted = mcrypt_generic($td, $str);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return bin2hex($encrypted);
}
function decrypt($code, $key) {
$key = $this->hex2bin($key);
$code = $this->hex2bin($code);
$td = mcrypt_module_open("rijndael-128", "", "cbc", "fedcba9876543210");
mcrypt_generic_init($td, $key, CIPHER_IV);
$decrypted = mdecrypt_generic($td, $code);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return utf8_encode(trim($decrypted));
}
function hex2bin($hexdata) {
$bindata = "";
for ($i = 0; $i < strlen($hexdata); $i += 2) {
$bindata .= chr(hexdec(substr($hexdata, $i, 2)));
}
return $bindata;
}
}
$theEncryption = new enc();
$user = "John Doe";
$email = "john#example.com";
$user = $theEncryption->encrypt($user, "0123456789abcdef");
$email = $theEncryption->encrypt($email, "0123456789abcdef");
echo 'User: '.$user;
echo 'Email: '.$email;
?>
Can somone point me in the right direction or point out what i'm doing wrong?
Thanks
Mike
CIPHER_IV is probably an undefined constant. PHP raises a "Use of undefined constant" notice and then uses the "constant" as string. The string "CIPHER_IV" is 9 characters long.
In your php file, do a print of CIPHER_IV and see what it contains.
See http://us2.php.net/mcrypt_generic_init for the specifics
You've probably copy-pasted the code from a blog: googling mcrypt_generic_init CIPHER_IV only gives this post and a blog ;)
The IV is a parameter that you need to specify to the function, not a constant that the first blogger put in misinterpreting the second blogger's article.
At http://propaso.com/blog/?cat=6, they declare these:
$secret_key = "01234567890abcde";
$iv = "fedcba9876543210";
and then do:
mcrypt_generic_init($td, $secret_key, $iv);
Simply declare your IV to be something, then use it.